Textile provides exchange and storage of encrypted personal data. We cannot decrypt or otherwise access the data you privately store or share with your contacts. You can choose to share your data such as photos in public forums whereby anyone can view the data contents. Textile provides remote data storage for users on the IPFS network (see https://ipfs.io/). The IPFS protocol has no mechanisms for deletion of data once added, so instead, we allow users to 'revoke' their data, such that all servers in the IPFS network run through Textile (including those in the mobile app) will discontinue the hosting and displaying of said data.
When you share photos in group forums ("Threads"), the encryption keys for the data (full resolution photo, lower resolution copies, and basic metadata) are shared with Thread members and are visible to anyone with the keys to that Thread. Keys are distributed whenever you, or another Thread member, invite new members to the Thread. The encrypted data shared in Threads are distributed over a network of voluntary IPFS servers that no single member, or the Textile organization, controls. Read more about public-key cryptography and the IPFS protocol if you are interested in how this works.
Certain information (e.g. a user identifier, group identifiers, encrypted data, etc.) is transmitted to us solely for the purpose of transmitting messages. Unless otherwise stated below, this information is only kept as long as necessary to place each call or transmit each message, and is not used for any other purpose.
-
Information we store
The identifier you register with.
The email contact address of any new user you invite to the network.
Encrypted contents of Threads may be cached or hosted on voluntary IPFS hosts.
By opt-in, you may request Textile to manage the hosting of your encrypted data on remote IPFS peers. Textile will store and mange the encrypted data, plus an index to each entry you create in order to provide an account quota.
By opt-in, you may request Textile to maintain an encrypted copy of your private wallet, including your private data index. Your private wallet includes metadata about photos in your account, Threads you participate in, and Contacts you have. If a user decides to opt-in, only a privately encrypted copy of the wallet will be stored by Textile, all contents will only be readable by the user with access to their private keys.
-
Transient information
IP addresses may be kept for up to 90 days for rate limiting and to prevent abuse.
Textile is currently collecting performance metrics and critical issues detected in our software. This data may be kept for up to a year. In the future, we will allow users to opt-out of this behavior. This data is collected using a third party service, Crashlytics.
We do not share your information with companies, organizations, and individuals outside of Textile unless one of the following circumstances applies:
With your consent.
The data is encrypted and stored on IPFS hosts.
When legally required.
We will share the information we have with entities outside of Textile if we have a good faith belief that access, use, preservation, or disclosure of the information is necessary to:
meet any applicable law, regulation, legal process or enforceable governmental request.
enforce applicable Terms of Service, including investigation of potential violations.
detect, prevent, or otherwise address fraud, security, or technical issues.
protect against harm to the rights, property, or safety of Textile, our users, or the public as required or permitted by law.
We will update this privacy policy as needed so that it is current, accurate, and as clear as possible.
Please contact us with any questions at contact@textile.io
09.12.18: Clarified the introduction, specifically what information is passing through IPFS and where it may be hosted. Clarified the collection of crash and bug reporting. Clarified the future opt-in for backup services. Minor typo fixes.